<?php
session_start();
require_once 'dbconnect.php';
$name=$_SESSION['user'];
//echo $id;
//$mypwd=$_SESSION['pwd'];

$query="select * from executives where exe_name='$name'";
//echo $query;
$data=mysql_query($query) or die("query failed to execute".mysql_error());
//$usr='';
$pwd='';
while($line=mysql_fetch_assoc($data))
{
//$usr=$line['username'];
$pwd=$line['pwd'];
}
$oldpwd=$_POST['oldpwd'];
//echo " ".$oldpwd."<br>";
$newpwd=$_POST['newpwd'];
//echo " ".$newpwd."<br>";
$confpwd=$_POST['confpwd'];
//echo " ".$confpwd."<br>";
if((strcmp($newpwd,$confpwd)==0)&&(strcmp($oldpwd,$pwd)==0))
{
$querry="update executives set pwd='$newpwd' where exe_name='$name'";
//echo $querry;
$upddata=mysql_query($querry) or die("cannot update".mysql_error());
if($_SESSION['user']=='admin')
{
header("location:admin.php?link=myaccount&line=success");
}
else
header("location:user.php?link=success");
}
else
{
if($_SESSION['user']=='admin'){
header("location:admin.php?link=myaccount&line=failure");
}
else
header("location:user.php?link=failure");
}
?>